Skip to content

/ codeql Public

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JS: track flow through string replace calls that just replace single chars for js/polynomial-redos #6736

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

JS: track flow through string replace calls that just replace single chars for js/polynomial-redos #6736

wants to merge 1 commit into from

Conversation

@erik-krogh
Copy link
Contributor

@erik-krogh erik-krogh commented Sep 22, 2021
edited

CVE-2021-3777: TP/TN

Evaluation looks OK.
One of the new results is from tracking through a path-separator-normalizer: next = prev.replace(/\\/g, '/');.
And the other is from escaping dots: next = prev.replace(/\./g, `\\.`)
So both TPs.
@erik-krogh
track flow through string replace calls that just replace single chars
a082ed9
@github-actions github-actions bot added the JS label Sep 22, 2021
@erik-krogh erik-krogh marked this pull request as ready for review Sep 23, 2021
@erik-krogh erik-krogh requested a review from as a code owner Sep 23, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github/codeql-javascript codeql-javascript

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
JS
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

1 participant
@erik-krogh